Uber To Pay $20,000 Fine Over 'God View' Tool September 2014 Data Breach

The New York Attorney General's office has instructed Uber to pay $20,000 as fine over the company's geo-location tracking tool – internally called God View – and a data breach that occurred in September 2014.

On Wednesday, Attorney General Eric T. Schneiderman, announced about the settlement with Uber, which will require the company to implement data security measures to protect the personal information of riders.

"This settlement protects the personal information of Uber riders from potential abuse by company executives and staff, including the real-time locations of riders in an Uber vehicle," says Schneiderman.

The attorney general also encouraged all tech companies to amend and review their procedures and policies on a regular basis, which will ensure protection of employees' and customers' private information.

Uber's mobile app allows riders to link with drivers. In the process, the company collects some personal information of riders such as their name, phone number, email address as well as payment mode. The company also collects driver information like registration number of vehicle, driving license details and the inspection documents of the vehicle. Uber has tools to collect real-time locations of drivers and riders.

The attorney general started an investigation in November 2014, after public reports highlighted that Uber executives could access rider's location internally with the God View tool.

In February 2015, Uber separately informed the attorney general's office that the company had experienced a data breach in September 2014, where the hackers had unauthorized access to driver names and their license numbers.

A November 2014 BuzzFeed report said that one of its reporters, Johana Bhuiyan, arrived at the company's New York headquarters in Long Island City for an interview with Josh Mohrer, who was the general manager of Uber New York.

When Johana stepped out of the Uber car she was riding, she found Mohrer waiting for her.

"There you are," said Mohrer. "I was tracking you."

Neither Mohrer nor Uber had asked for Johana's permission to be tracked in the Uber vehicle she was riding. Moreover, Mohrer has also sent an email to Johana that detailed the Uber rides taken by her in a set period.

Anonymous Uber employees told BuzzFeed that God View can easily be accessed by Uber employees across the company. However, Uber claimed at that time that access to the geo-location tool was limited for valid business purposes only and any violations would result in strict action against the guilty. Uber also said that it was investigating Mohrer's actions of tracking Johana and her Uber ride logs.

The attorney general alleges that Uber executives used the geographic location of riders inappropriately as form of idle entertainment. As part of the settlement, Uber is required to encrypt the geographic location of its riders and adopt a strict authentication procedure if an Uber employee needs access to this data.

Uber has also released a statement confirming that they are pleased with the settlement.

"We are pleased to have reached an agreement with the New York Attorney General that resolves these questions and makes clear our commitment to best practices that put our community first," says Jessica Santillo, a spokesperson for Uber.

ⓒ 2024 TECHTIMES.com All rights reserved. Do not reproduce without permission.
Join the Discussion
Real Time Analytics